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Box No. I 



Basis of the report 



1. 



With regard to the language, this report is based on: 

X] The international application in the language in which it was filed 



I I A translation of the international application into 
translation furnished for the purposes of: 



, which is the language of a 



| | international search (under Rules 12.3(a) and 23.1 (b)) 

[~ J publication of the international application (under Rule 12.4(a)) 

Q | international preliminary examination (Rules 55.2(a) and/or 55.3(a)) 

With regard to the elements of the international application, this report is based on (replacement sheets which have been 
furnished to the receiving Office in response to an invitation under Article 14 are referred to in this report as "originally 
filed' 1 and are not annexed to this report): 
| | the international application as originally filed/furnished 

[X 1 the description: 

pages 1, 5 - 12 as originally filed/furnished 

pages* 2-4 received by this Authority on 17 January 2006 with the letter of 17 January 2006 
received by this Authority on with the letter of 



X 



the claims: 



pages * 



pages 
pages* 
pages* 
pages* 



as originally filed/furnished 

as amended (together with any statement) under Article 19 
13 - 14 received by this Authority on 17 January 2006 with the letter of 17 January 2006 
received by this Authority on with the letter of 



X the drawings: 



pages 1-2 as originally filed/furnished 

pages* received by this Authority on with the letter of 

pages* received by this Authority on with the letter of 

| | a sequence listing and/or any related table(s) - see Supplemental Box Relating to Sequence Listing. 

3. j | The amendments have resulted in the cancellation of: 

P~] the description, pages 

[ | the claims, Nos." 

[ ] the drawings, sheets/figs 

[ ] the sequence listing (specify): 

| | any table(s) related to the sequence listing (specify): 

4. I I This report has been established as if (some of) the amendments annexed to this report and listed below had not been 

made, since they have been considered to go beyond the disclosure as filed, as indicated in the Supplemental Box (Rule 
70.2(c)).' 

| | the description, pages 

j [ the claims, Nos. 

| | the drawings, sheets/figs 

f~| the sequence listing (specify): 

| | any table(s) related to the sequence listing (specify): 

* If item 4 applies, some or all of those sheets may be marked "superseded. " 
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Box No. V Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability; 
citations and explanations supporting such statement 



1 . Statement 



Novelty (N) 


Claims 


1-7 


YES 




Claims 


Nil 


NO 


Inventive step (IS) 


Claims 


1-7 


YES 




Claims 


Nil 


NO 


Industrial applicability (IA) 


Claims 


1-7 


YES 




Claims 


Nil 


NO 



2, Citations and explanations (Rule 70.7) 

Novelty (ISO and Inventive Step (IS): 

Dl) US 2002/0188856 Al (Worby) 12 December 2002 

D2) WO 2001/035193 Al (INTERNATIONAL BUSINESS MACHINES CORPORATION) 17 May 2001 
D3) US 6199163 Bl(Dumasetal.)6March2001 

D4) EP 91 1738 A2 (CALLUNA TECHNOLOGY LIMITED) 28 April 1999 
D5) US 2003/0177379 Al (Hori et al.) 18 September 2003 

D6) WO 2003/012606 A2 (STONEWOOD ELECTRONICS LTD) 13 February 2003 
D7) WO 2000/079392 Al (FOTONATION, INC) 28 December 2000 

None of the citations disclose the invention as claimed. The closest prior art 5 that of D4, describes a disk drive 
having an encryption/decryption circuit and security control means. Paragraph 27 discusses user authentication, 
and states that on power up, the drive is in the disabled state and is placed in the enabled state by inputting a 
numerical key that acts like a password. . The numerical key is authenticated by the encryption hardware on the 
drive. If the numerical key is valid read/write access to the drive is granted, but if the numerical key is invalid 
then such access is denied. Consequently, there is no disclosure of the memory being exposed prior to user 
authentication. 



Industrial Applicability (IAV 

The claimed invention finds use in the field of data storage and clearly meets the requirements for industrial 
applicability. 
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Box No. VI Certain documents cited 


1 . Certain published documents (Rule 70. 10) 

Application No. Publication date 
Patent No. (dav/month/vear) 


Filing date 
( dav/m onth/vear) 


Priority date ( valid claim) 

' (dav/montWvear) 


Dl) P,X US 2004/0103288 27 May 2004 


27 November 2002 


27 November 2002 



Claim 6 is not considered to be novel or inventive in light of citation Dl 5 which discloses a method of protecting data in 
which an encryptor is exposed to an interface only upon successful user authentication. In Dl 5 it is noted that memory 
area 121 is exposed to the interface at least until user authentication (please refer to paragraph [0037] and Figure 6). If 
user authentication is successful, then memory area 122 is exposed for the storage of data. 



2. Non-written disclosures (Rule 70.9) 



Kind of non-written disclosure 



Date of non-written disclosure 

(day/month/year) 



Date of written disclosure 
referring to non-written disclosure 

(dav/month/vear) 
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associated with the software solutions described above, 
these hardware solutions cannot be easily implemented on 
portable computing devices such as notebook computers 
because additional interface hardware cannot be 
5 accommodated in the spade normally occupied by, in a 
notebook computer, a hard disk- In addition, these 
hardware solutions often require an additional interface 
into which a hardware key is inserted in order to 
authenticate the user to the hardware encryptor before 

10 activating the hardware encryption/decryption device. 

This interface is necessary because the hardware solution 
has no way of interfacing to other authentication devices, 
such as keyboards, Thig hardware interface cannot, 
therefore, be implemented an the portable computing device 

15 without customising the device « 

SUMMARY OF THE XiNVENTION 

It is an object of the present invention, therefore, to 
provide a method and device for protecting data stored in 
2 0 a computing device, such as a notebook computer. 

The present invention provides a device for protecting 
data , comprising s 

an interface for connection to a computing 

2 5 device; 

a data storage? 

an encryptor located in-line between said 
interface and said data storage; 

a control system; and 

3 0 a memory that includes program data executable on 

said computing device to perform user authentication; 

wherein said control system is configured to 
expose said memory to said interface to facilitate user 
authentication and at least until user authentication and 
3 5 to expose said encryptor to said interface only upon 
successful user authentication, and said encryptor ±s 
operable to encrypt on the fly data received from said 
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Interface and to forward said data once encrypted to said 
data storage and to decrypt on the fly data received from 
said data storage and to forward said data once decryp t6d 
to said interface. 

5 

Thus, the data stored in the data storage is encrypted, 
but the user need not be aware of the encryption or 
decryption processes. 

10 In one embodiment, the control system is configured to 
reboot said computing device after successful u$er 
authentication and before exposing said encryptor to said 
interface . 

15 The memory may comprise a portion o£ a memory storage 
system provided with one or more bootable programs. 

The computing device could be any such device f but tike 
invention will provide particular benefit with portable 

2 0 computing devices that - as discussed above - are most 

vulnerable to unauthorized data, access « 

The present invention also provides a device for 
protecting data, comprising $ 
25 a first interface for connection to a computing 

device; 

a second interface for connection to a data 

storage; 

an encryptor located in-line between said first 

3 0 interface and said second interface? 

a control system/ and 

a memory that includes program data executable on 
said computing device to perform user authentication; 

wherein said control system is configured to 
35 expose said memory to said first interface to facilitate 

user authentication and at least until user authentication 
and to expose said encryptor to said first interface only 



Amended Sheet 
IPEA/AU 



PCT/SG2005/000084 
Received 17 January 2006 



- 4 



upon successful user authentication , and said encryptor is 
operable to encrypt on the fly data received from said 
first interface and to forward said data once encirypted to 
said second interface and to decrypt on the fly data 
5 received from said second interface and to forward said 
data once decrypted to said first interface. 

The present invention also provides a method of protecting 
data, comprising: 
10 locating an encryptor in-line between a data 

storage and an interface to a computing device; 

exposing a memory to said interface to facilitate 
user authentication and at least until user 
authentication? 

15 exposing said encryptor to said interface only 

upon successful user authentication; 

encrypting on the fly data received from said 

first interface and forwarding said data once encrypted to 

said second interface; and 
20 decrypting on the fly data received from said 

second interface and forwarding said data once decrypted 

to said first interface. 

BRIEF DESCRIPTION OF THE DRAWINGS 
25 In order that the invention may be more clearly 

ascertained, preferred eaibodimants will now be described, 
by way of example, with reference to the accompanying 
drawings, in which; 

Figure 1 is a schematic view of a data protection 
3 0 device according to an embodiment of the present 

invention, with a portable computing device with which the 
device is to be used; 

Figure 2 is a photograph of one embodiment of the 
data protection device of figure .1; ^n-d 
35 Figure 3 is a schematic vfew of the functional 

components of the data protection device of figure 1; 

Figure 4 is a schematic view of the functional 
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CLAIMS i 

1* A device for protecting data/ comprising: 

an interface for connection to a computing device; 
5 a data storage; 

an encryptor located in-line between said interface 

and said data storage? 

a control system? and 

a memory that includes program data executable on 
10 said computing device to perform user authentication \t 

therein said control system is configured to expose 
said memory to said interface to facilitate user 
authentication and at least until user authentication and 
to expose said encryptor to Said interface only upon 
IS successful user authentication, and said encryptor i«s 
operable to encrypt on the fly data received from said 
interface and to forward said data once encrypted to said 
data storage and to decrypt on the fly data received from 
said data storage and to forward said data once decrypted 
2 0 to said interface * 

2, A device as claimed in claim 1, wherein said control 
system is configured to reboot said computing device after 
successful user authentication and before exposing said 

25 encryptor to said interface* 

3, h device as claimed in claim 1, wherein said memory 
comprises a portion of a memory storage system provided 
with one or more bootable programs. 

30 

4, A device for protecting data, comprising t 

a first interface for connection to a computing 
device; 

a second interface for connection to a data storage; 
35 an encryptor located in-line between said firsb 

interface and said second interface; 
a control system; and 
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a memory that includes program data executable on 
said computing device to perform user authentication; 

wherein paid control system is configured to expose 
said memory to said first interface to facilitate user 
5 authentication and at least until user authentication and 
to expose aaid eneryptor to said first interface only upon 
successful user authentication, and said eneryptor iei 
operable to encrypt on the fly data received from said 
first interface and to forward said data once encrypted to 
10 said second interface and to decrypt on the fly data 

received from said second interface and to forward said 
data once decrypted to said first interface. 

5- A device as claimed in claim 4, wherein aaid control 
15 system is configured to reboot said computing device after 
successful user authentication and before exposing said 
eneryptor to said first interface. 

6, A method of protecting data, comprising; 
20 locating an eneryptor in-line between a data storage 

and an interface to a computing device; 

exposing a memory to said interface to facilitate 
user authentication and at least until user authentication; 
exposing said eneryptor to said interface only upon 
25 successful user authentication; 

encrypting on the fly data received from said first 
interface and forwarding said data once encrypted to said 
second interface; and 

decrypting on the fly data received from said second 
3 0 interface and forwarding said data once decrypted to said 
first interface. 

7* A device as claimed in either claim 1 or 4, wherein 
said memory includes a bootable parogx-am configured to 
3 5 automatically load into said computing device wtisn said 
device is connected to said computing device and said 
computing device is powered up. 
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